[Kroupware] Kolab security fixes
Paul Gargan
pgargan at nexgenfs.com
Thu Jan 22 18:39:18 CET 2004
Hi all,
I'm a system administrator who recently started looking at Kolab with a
view to deploying it in our organisation. I'm wondering what approach is
taken to security patches for the various software components used in
the project.
Firstly, are the supplied versions of Apache, Postfix, etc custom built
for Kolab, or are they the vanilla source code provided by the
respective vendors?
Secondly, if a security hole is discovered in a Kolab component (e.g.
the root hole in Monit discovered last November) how is this treated?
Are the patches released by the package authors backported into whatever
version is being used by Kolab? Or are these patches simply rolled up
into the next release of Kolab (leaving servers vunerable in the
interim)? Or is it up to server administrators to manually patch and
recompile?
If all this is addressed in a FAQ somewhere, then a pointer to a URL
will suffice :)
Many thanks in advance,
Paul Gargan
More information about the Kroupware
mailing list